<?php
if($_SESSION[Logged_In] == false)
{

	if(!captcha_check($_POST['captcha']) && !empty($_POST['captcha'])){
					die("Captcha is wrong");
	}

		echo "<form method=post>";
		echo "Username:";
		echo "<br>";
		echo "<input name=Login_Username maxlength=60>";
		echo "<br>";
		echo "Password:";
		echo "<br>";
		echo "<input type=password name=Login_Password maxlength=30>";
		echo "<br>";
		captcha();
		echo "<br>";
		echo "<input type=submit name=submit value=Login>";
		echo "</form>";

//if posted do blah balh
if(isset($_POST['Login_Username']) && isset($_POST['Login_Password']))
{	
	
	//check if user missed something
	if (!$_POST['Login_Username'] | !$_POST['Login_Password']) 
	{
		echo('Fill everything please');
	}
	else
	{
		//escape username
		$username = mysql_real_escape_string($_POST['Login_Username']);
        
		//has(c?)h password
		$MD5password = md5($_POST['Login_Password']);
		$SHA1password = sha1($_POST['Login_Password']);
		//mysql. The question is what is the question?
		$query = mysql_query("select * from `accounts` where username = '$username' and password = '$SHA1password'");
		//if a match was found
		if(mysql_num_rows($query) == 1)
		{
			//get the stuff from sql
			$Result = mysql_fetch_assoc($query);
		
			//session variables
			$_SESSION['Logged_In'] = true;
			$_SESSION['User_Id'] = $Result['id'];
			$_SESSION['Username'] = $Result['username'];
			if($IP == "127.0.0.1" || $_SESSION['User_Id'] = "1") //id 1 ska vara admin
			{
				echo "<br>admin"; //$_SESSION['Admin'] = true;
			}
			//redirect
			
			
		
		}
		else{echo "<br><br>Don't";}
	}
}
}
else
{
	echo "Redirecting";
	//redirect
}
?>